With a growing number of US companies storing their electronic data across country lines, US law enforcement agencies are left with the difficult task of trying to access electronic evidence stored outside of their physical jurisdictions.
In response, Congress passed the Clarifying Lawful Overseas Use of Data Act (Cloud Act) in 2018 to provide the US government with the power to order the production of electronic evidence that is stored outside of the US if it is within a US company’s “possession, custody, or control.”
However, the Cloud Act does not define what constitutes the “possession, custody, or control” of electronic evidence, raising concerns about the scope of US authority under the Act. Through their examination of existing domestic and international jurisprudence interpreting these terms in other legal contexts, Hemmings, Srinivasan, and Swire outline the key factors courts should balance in analyzing this pivotal phrase.
The US government has always been keen on its ability to protect sensitive and classified information from its enemies, yet the majority of resources have focused on military and national security information, which has left other categories of information exposed.
Capt. Christopher Dearing focuses the reader on the national security implications of personal information and the detrimental impact it possesses. This article provides an analysis of current privacy law and the information landscape, while highlighting areas where the US government has failed to keep pace to protect personal information, providing a valuable target for adversaries.
In an expansive call for action, Capt. Dearing recommends eight concrete steps that the government can take to better protect and manage personal information while developing stronger procedures to identify threats and respond to them.
The rich legal literature that has grown up to assess the constitutionality of bulk communications collection by the government has focused overwhelmingly—and understandably—on the challenge such programs pose to particular claims of individual right against the state, yet attempting to describe what seems troubling about bulk collection in terms of individual rights alone has significant doctrinal and conceptual limits.
From the perspective of private industry, Mieke Eoyang examines the interplay between US national security electronic surveillance and the US telecommunications companies that are necessary intermediaries for this surveillance, tracing the history of major surveillance programs and identifying key areas of tension. Eoyang recommends reforms including a court process for government access to overseas data on foreign customers, leaving bulk, unfiltered data in the hands of private industry, and working with close allies to build consensus around electronic surveillance norms.
As the field of privacy and digital surveillance grows increasingly chaotic, Michael Price proposes a compelling supplement to the third-party doctrine. Eschewing the popular position that our privacy clashes are generational, Price instead reviews the history of Fourth Amendment jurisprudence to identify missteps in doctrine that have led us to the current impossible position. Along the way he wrestles with problems such as cloud storage and communications metadata, and he concludes with a framework that strikes a new balance between our storied civil liberties heritage and the “papers” of a big data society.